....
 

Guardian Digital Inc. > InfoCenter > Mailing List Archives > Amavis

Amavis Mailing List Archive

From: Gary Verchick (lists@johnmecham.com)
Date: Fri Dec 17 2004 - 06:31:26 EST


Mark wrote:

> Gary,

>> I have a system at home that I was going to install 2.2.1-rc1 on as a
>> test, but because of the outcome of the test you provided, it appears
>> it won't be necessary because the test fails on this one as well.

> If it turns out the test is mistaken, you can just remove it,
> it wasn't present in previous versions. Except for added test
> there are no real change in this area.

> But let's see first what this is all about.

>> Debian Sarge, 2.4.27-1-386, Perl 5.8.4
>> I installed 20030616-p10 via apt-get to get the startup script and
>> other ancillary files and to add the amavis user, etc.,
>> then updated amavisd.conf and replaced /usr/sbin/amavisd-new with
>> version 2.2.0, ran on this for a couple months, then 2.2.1-rc1.

> Sounds good.

>> I also tried this as a normal user, and the test failed.
>> If the directory is world executable (drwxr-xr-x) would
>> that enable anyone to rename a file in the directory
>> and therefore fail this test?

> It shouldn't, both the 'w' and 'x' bits are required on a directory
> to allow renames.

> Try with a normal 'mv' command (attempt to rename to a different name,
> the mv will probably complain if you try to mv a file to the same name)

rc2:~# chmod 755 /etc/amavis
rc2:~# su amavis -c 'mv /etc/amavis/amavisd.conf /etc/amavis/amavisd.conf-2'
mv: cannot move `/etc/amavis/amavisd.conf' to `/etc/amavis/amavisd.conf-2': Permission denied
rc2:~#

>> rc2:~# chmod 755 /etc/amavis
>> rc2:~# su amavis -c 'perl -e "warn rename(qw(/etc/amavis/amavisd.conf
>> /etc/amavis/amavisd.conf)) ? qq(renamed, nogood\n) : qq(can not,ok\n)"'
>> renamed, nogood

> Strange. Perhaps your Perl is too clever and recognizes the rename
> to the same name is a no-op. Try to rename to a different name -
> the second argument in the qw list, i.e.
> qw(/etc/amavis/amavisd.conf /etc/amavis/amavisd.conf.different)
rc2:~# su amavis -c 'perl -e "warn rename(qw(/etc/amavis/amavisd.conf /etc/amavis/amavisd.conf-2)) ? qq(renamed, nogood\n) : qq(can not,ok\n)"'
can not,ok
rc2:~#

> and if it claims the rename succeeded, check that it really did
> rename the file.

>> rc2:~# chmod 644 /etc/amavis
>> rc2:~# su amavis -c 'perl -e "warn rename(qw(/etc/amavis/amavisd.conf
>> /etc/amavis/amavisd.conf)) ? qq(renamed, nogood\n) : qq(can not,ok\n)"'
>> can not,ok

> The 'x' protection bit is not there, so this works as it should.
> Try with chmod 311 /etc/amavis

rc2:~# chmod 311 /etc/amavis
rc2:~# su amavis -c 'perl -e "warn rename(qw(/etc/amavis/amavisd.conf /etc/amavis/amavisd.conf)) ? qq(renamed, nogood\n) : qq(can not,ok\n)"'
renamed, nogood
rc2:~#

>> in /etc/passwd:
>> amavis:x:103:104:AMaViS system user,,,:/var/lib/amavis:/bin/sh
>> in /etc/group
>> amavis:x:104:clamav

> Mark

-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://productguide.itmanagersjournal.com/
_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/



[ About Guardian Digital ] - [ Press Center ] - [ Contact Us ] - [ System Activation ] - [ Reseller Info ] - [ Online Store ] - [ Site Map ]
Copyright (c) 2000 - 2004 Guardian Digital, Inc. Linux Lockbox and EnGarde are Trademarks of Guardian Digital, Inc.